Aliases: W32.Clunk.A / Worm.Win32.Datom.d / /WORM_DATOM.B
Variants: N/A

Classification: Malware
Category: Computer Worm

Status: active
Spreading: medium
Geographical info: Low
Removal: Moderate
Platform: W32
Discovered: 24 Mar 2005
Damage: medium

Characteristics: W32.Clunk.A is a password-stealing worm. This spreads to different network file shares. It affects windows system such as Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, and Windows XP.

More details about W32.Clunk.A

This application is capable of recording the keystrokes entered by the user on the affected computer’s keyboard. It uses keylogging techniques to be able to keep a record of passwords, credit card numbers, usernames, e-mail addresses, banking account details and instant messenger conversations. All the information collected from the affected computer is kept in a log file. The log file is then transmitted to third parties or uploaded to a remote server. The information may be used to perform unwanted actions, such as hacking into accounts and theft. Upon installation, the W32.Clunk.A application creates a backdoor on the affected computer. The backdoor is utilized by a remote user to be able to send some commands for the worm program to perform on the compromised machine. The commands sent by the remote user usually consist of actions that the user would not want to be carried out on the computer.

The remote user can remove important files from the computer and use the affected system to perform DDoS (Distributed Denial of Service) attacks to different servers. The remote user can also get information regarding the affected computer. This includes the RAM (Random Access Memory), the IP (Internet Protocol) address of the affected computer and the operating system. This information can be used to start attacks against the compromised computer.